A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications.
Search Results for "Heartbleed"
Episode 176: Security Alarms in Census II Open Source Audit. Also: The New Face of Insider Threats with Code42
Joe Payne the CEO of Code42 joins us to talk about how the challenge of data breach prevention is changing. And: we do a deep dive on the recent Census II audit of open source.
Episode 124: The Twitter Accounts Pushing French Protests. Also: social engineering the Software Supply Chain
In this week’s podcast (#124): we speak with French security researcher Baptiste Robert about research on the social media accounts pushing the french “Yellow Vest” protests. Surprise, surprise: they’re not french. Also: Brian Fox of the firm Sonatype joins us to talk about the recent compromise of the Github event-stream project and why social engineering poses a real risk to the security of the software supply chain.
Episode 108: DEF CON’s Car Hacking Village and is the Open Source Model Failing on Security
In this week’s podcast (#108), sponsored by CA Veracode: hacker summer camp wrapped up on Sunday, as the 26th annual DEF CON conference concluded at Caesar’s Palace in Las Vegas. Hacks of connected and smart vehicles were a big theme again this year. We sat down with the organizers of DEF CON’s Car Hacking Village to see what was news at this year’s show. Also: open source software has revolutionized the way software gets made, and turbo charged the growth of companies like Facebook and Uber. But is the open source model failing us when it comes to security? We’re joined by OWASP founder Mark Curphey of CA Veracode to discuss it.
Podcast Episode 94: Black Report takes Hacker View and Securing the Open Source Supply Chain
In this episode of the Security Ledger Podcast we do a deep dive into the recent Black Report by NUIX – which flips the script by asking hackers and pen testers their opinions about how they hack firms and what defensive strategies and technologies work best at stopping them. Also: Rami Sass the CEO and co-founder of this week’s sponsor, WhiteSource Software, joins us in the Security Ledger studios to talk about how a white knuckle audit of his company’s open source dependencies eight years ago prompted him to start WhiteSource, which makes a tool for managing the open source software supply chains.
